Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/3130332e39352e372e302f32342d3234203d3e20313333383237.roa
File:                     3130332e39352e372e302f32342d3234203d3e20313333383237.roa (raw, json)
Hash identifier:          5F6CvtinNR1p/itwp3z5OGOaBW/Hhk8aAN8U4BJCi0o=
Subject key identifier:   15:A1:7B:E7:F5:0B:73:42:79:D2:6E:29:AB:28:12:D9:57:71:29:21
Certificate issuer:       /CN=0CE6A79D53D829F2A55623676E8D2A9A569F836F
Certificate serial:       3EBA1D447CA43B800D115295ED306A68198D2DD8
Authority key identifier: 0C:E6:A7:9D:53:D8:29:F2:A5:56:23:67:6E:8D:2A:9A:56:9F:83:6F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/3130332e39352e372e302f32342d3234203d3e20313333383237.roa
Signing time:             Thu 07 Sep 2023 03:48:43 +0000
ROA not before:           Thu 07 Sep 2023 03:43:43 +0000
ROA not after:            Thu 05 Sep 2024 03:48:43 +0000
asID:                     133827
IP address blocks:        103.95.7.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.crl
                          rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 18 Jun 2024 08:36:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:ba:1d:44:7c:a4:3b:80:0d:11:52:95:ed:30:6a:68:19:8d:2d:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0CE6A79D53D829F2A55623676E8D2A9A569F836F
        Validity
            Not Before: Sep  7 03:43:43 2023 GMT
            Not After : Sep  5 03:48:43 2024 GMT
        Subject: CN=15A17BE7F50B734279D26E29AB2812D957712921
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e3:64:04:9e:d3:ff:b8:5a:bf:62:91:ad:da:
                    a4:11:c1:34:0f:42:f4:4c:94:4c:ea:3e:88:1d:d1:
                    58:44:c1:08:07:a3:84:1f:c0:92:d3:79:68:e0:7e:
                    a4:aa:37:47:f3:b4:65:d9:ed:66:13:b3:39:7a:8c:
                    15:2f:99:b6:de:92:25:81:2f:89:25:db:cf:15:e6:
                    d4:1b:cd:9b:e9:68:dd:20:49:3d:a6:61:75:3a:78:
                    90:c8:b4:0b:87:f0:0f:7d:07:e2:c8:61:49:f9:0e:
                    7a:71:41:cf:a9:75:a5:4f:a8:d6:31:89:84:05:ba:
                    eb:2e:af:59:39:2f:f9:3a:69:e1:56:69:db:3d:eb:
                    56:a1:c5:76:12:e0:11:cf:94:63:1f:aa:ad:27:28:
                    61:96:5f:0d:31:77:81:51:02:96:01:23:46:d2:26:
                    41:20:b2:29:f1:9f:04:48:6a:66:94:53:cc:98:88:
                    1b:ce:39:2d:29:ab:ef:2b:ab:3e:fd:5b:44:ef:dc:
                    31:1a:65:a5:fc:bd:4f:c7:cc:d0:0d:fa:1e:8c:e1:
                    8e:18:a1:24:61:07:06:16:96:7c:29:bc:44:d7:d7:
                    9e:aa:ea:27:0c:7a:2c:43:d9:2d:56:64:c5:b0:5d:
                    79:27:2d:e8:1b:84:3e:55:2d:14:c7:64:8c:99:7b:
                    56:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:A1:7B:E7:F5:0B:73:42:79:D2:6E:29:AB:28:12:D9:57:71:29:21
            X509v3 Authority Key Identifier:
                keyid:0C:E6:A7:9D:53:D8:29:F2:A5:56:23:67:6E:8D:2A:9A:56:9F:83:6F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/3130332e39352e372e302f32342d3234203d3e20313333383237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.95.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:07:0b:24:b6:2b:2e:42:45:33:14:bf:0d:5f:4a:a4:b3:00:
         2e:e7:ff:e4:2f:d7:8d:99:6d:0c:7c:0b:74:6a:ca:41:2c:7f:
         c9:9a:3e:57:c8:3e:1d:c7:ac:2d:30:03:c8:6d:94:e6:86:7c:
         8d:e5:c6:3b:28:bd:ba:28:cf:4d:65:2d:30:6a:bc:77:a9:cd:
         08:6c:db:f7:e9:2b:70:07:f6:6e:e8:35:6e:06:b9:0b:ea:a2:
         4f:6f:2e:39:c0:92:b2:3e:7a:da:03:e1:10:04:96:d5:3c:49:
         9c:d4:24:5f:4b:96:9f:5e:36:63:5e:3e:6d:02:81:8f:84:fe:
         0d:27:58:6b:94:ee:85:8d:ef:c8:d2:d6:85:2a:5a:f2:42:8e:
         31:d5:b8:ee:10:2e:cf:9e:70:d6:c7:eb:4d:0d:e5:24:f6:3b:
         ea:f7:66:d4:21:9f:1f:a7:41:22:58:56:eb:46:a7:6e:48:77:
         2c:2d:d0:a1:88:e5:0b:ad:9b:10:cf:10:a8:b3:34:54:fd:cc:
         d3:34:17:15:b1:b1:f3:fc:2f:b6:f0:a0:0d:3b:f3:50:d7:fd:
         b2:e6:4b:82:aa:37:d6:32:00:44:c0:79:92:41:3d:43:09:02:
         84:26:07:ca:76:12:26:20:5d:ed:b8:b6:02:41:5e:a2:cf:83:
         50:9a:ff:f1
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUProdRHykO4ANEVKV7TBqaBmNLdgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMENFNkE3OUQ1M0Q4MjlGMkE1NTYyMzY3NkU4RDJBOUE1
NjlGODM2RjAeFw0yMzA5MDcwMzQzNDNaFw0yNDA5MDUwMzQ4NDNaMDMxMTAvBgNV
BAMTKDE1QTE3QkU3RjUwQjczNDI3OUQyNkUyOUFCMjgxMkQ5NTc3MTI5MjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC242QEntP/uFq/YpGt2qQRwTQP
QvRMlEzqPogd0VhEwQgHo4QfwJLTeWjgfqSqN0fztGXZ7WYTszl6jBUvmbbekiWB
L4kl288V5tQbzZvpaN0gST2mYXU6eJDItAuH8A99B+LIYUn5DnpxQc+pdaVPqNYx
iYQFuusur1k5L/k6aeFWads961ahxXYS4BHPlGMfqq0nKGGWXw0xd4FRApYBI0bS
JkEgsinxnwRIamaUU8yYiBvOOS0pq+8rqz79W0Tv3DEaZaX8vU/HzNAN+h6M4Y4Y
oSRhBwYWlnwpvETX156q6icMeixD2S1WZMWwXXknLegbhD5VLRTHZIyZe1ZBAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUFaF75/ULc0J50m4pqygS2VdxKSEwHwYDVR0j
BBgwFoAUDOannVPYKfKlViNnbo0qmlafg28wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YTk5MDEyNS02MDlhLTQ4YzgtYWM4Ni0xYzNiYzMxNWJhZDYvMC8wQ0U2QTc5RDUz
RDgyOUYyQTU1NjIzNjc2RThEMkE5QTU2OUY4MzZGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMENFNkE3OUQ1M0Q4MjlGMkE1NTYyMzY3NkU4RDJBOUE1NjlG
ODM2Ri5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVhOTkwMTI1LTYwOWEtNDhjOC1h
Yzg2LTFjM2JjMzE1YmFkNi8wLzMxMzAzMzJlMzkzNTJlMzcyZTMwMmYzMjM0MmQz
MjM0MjAzZDNlMjAzMTMzMzMzODMyMzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnXwcwDQYJKoZIhvcN
AQELBQADggEBAGQHCyS2Ky5CRTMUvw1fSqSzAC7n/+Qv142ZbQx8C3RqykEsf8ma
PlfIPh3HrC0wA8htlOaGfI3lxjsovbooz01lLTBqvHepzQhs2/fpK3AH9m7oNW4G
uQvqok9vLjnAkrI+etoD4RAEltU8SZzUJF9Llp9eNmNePm0CgY+E/g0nWGuU7oWN
78jS1oUqWvJCjjHVuO4QLs+ecNbH600N5ST2O+r3ZtQhnx+nQSJYVutGp25Idywt
0KGI5QutmxDPEKizNFT9zNM0FxWxsfP8L7bwoA0781DX/bLmS4KqN9YyAETAeZJB
PUMJAoQmB8p2EiYgXe24tgJBXqLPg1Ca//E=
-----END CERTIFICATE-----
Generated at Sat Jun 15 10:26:42 2024 by rpki-client on console-ams.rpki-client.org